PT-2026-21076 · Passionate Brains · Google Analytics For Wordpress+1

Publicado

2026-02-20

·

Atualizado

2026-02-22

·

CVE-2025-68028

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions GA4WP: Google Analytics for WordPress versions through 2.10.0
Description An authorization issue exists in Passionate Brains GA4WP: Google Analytics for WordPress. The issue involves exploiting incorrectly configured access control security levels.
Recommendations Update GA4WP: Google Analytics for WordPress to a version later than 2.10.0.

Correção

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862

Identificadores relacionados

CVE-2025-68028

Produtos afetados

Ga4Wp: Google Analytics For Wordpress
Google Analytics For Wordpress